Security Experts:

ThreatMetrix Launches Intelligence Network to Detect Malicious Web Activity

ThreatMetrix, a provider of technologies to help organizations thwart cybercrime, announced a new intelligence network containing threat data and information that can be used to identify transactions and Website visitors as potentially malicious.

The new ThreatMetrix Global Trust Intelligence Network is a repository of information that organizations can use to screen prior transactions and site visitors, as well as to authenticate customers and remote employees, ThreatMetrix said Wednesday.

ThreatMetrix Logo

The Network, as it is called for short, can analyze more than 350 million monthly website transactions and login access attempts for cybercriminal activity, such as spoofed browser settings, a proxy to hide one’s true location, or a past history of high risk behavior. The network can provide insight into both positive and negative behavior for devices and online personas using more than 400 billion data points, ThreatMetrix said. 

The Network offers organizations with real-time screening for online visitors using collaborative intelligence culled from thousands of websites and transactions, according to the company. The Network analyzes "the context and insights of prior visitor behavior and how they relate to incoming transactions," said Alisdair Faulkner , chief products officer of ThreatMetrix, in a statement. With the information, ThreatMetrix can "uncover telltale signs of fraudsters and hackers, including devices infected with malware, virtual private network (VPN) detection, Man-in-the-Browser (MitB) detection, phishing detection, bots and automated attacks," Faulkner said.

Many existing authentication products put customers through a process that can feel intrusive, such as requiring additional personal information, or elaborate with multiple steps, to prevent fraudulent or risky transactions. ThreatMetrix designed the platform so that customers, employees, and other "safe visitors" are not "inconvenienced" while high-risk visitors are identified based on their behavior and blocked.

"Web fraud is the new spam problem of this decade, except it is more profitable and far more lethal to revenues, brands, business continuity and national security," said Faulkner.

Even if the visitor spoofed the browser settings or used a proxy to hide the true location, the network can flag the visitor for additional scrutiny. The assessment is based on previous risky behavior, such as being associated with high-risk behavior across other networks, or is associated with an abnormal number of personas, ThreatMetrix noted.

"Instead of drowning underneath the weight of big data, ThreatMetrix customers can automatically pinpoint Web fraud and compromised users, while reducing friction for trustworthy visitors," Faulkner said.

Faulkner said The Network addresses the need for increased cybersecurity measures as defined in the president's recent Executive Order for "Improving Critical Infrastructure Cybersecurity" because it screens each transaction for risks."The key takeaway from Obama's Executive Order is that a collective threat, such as the threat to our nation's infrastructure, requires a collective and orchestrated response," he said.

Fahmida Y. Rashid is a Senior Contributing Writer for SecurityWeek. She has experience writing and reviewing security, core Internet infrastructure, open source, networking, and storage. Before setting out her journalism shingle, she spent nine years as a help-desk technician, software and Web application developer, network administrator, and technology consultant.